Events

Stories

CVE-2013-0292

911658:
CVE-2013-0292 dbus-glib: Local privilege escalation due improper filtering of message sender when NameOwnerChanged signal received

The MITRE CVE dictionary describes this issue as:

The dbus_g_proxy_manager_filter function in dbus-gproxy in Dbus-glib before 0.100.1 does not properly verify the sender of NameOwnerChanged signals, which allows local users to gain privileges via a spoofed signal.